InfoSec News Nuggets 07/25/2023

Novel Open Source Supply Chain Attacks Target Banking Sector  Application security provider Checkmarx has identified what it described as the first open source software supply chain attacks targeting the banking sector. In a recent report, Checkmarx researchers analyzed two distinct, sophisticated supply chain attacks relying on open source toolsets. Both attacks’ targets were banks. The first attack started in February 2023, when a threat actor uploaded a package to NPM, the world’s largest software registry. This package contained a payload designed to latch…
Read More